ldap-escape
Advanced tools
ldap-escape - npm Package Compare versions
Comparing version 2.0.0 to 2.0.1
@@ -1,2 +0,2 @@ | ||
| Copyright (c) 2015, 2016, 2017 Thomas Cort <linuxgeek@gmail.com> | ||
| Copyright (c) 2015, 2016, 2017, 2018, 2019 Thomas Cort <linuxgeek@gmail.com> | ||
@@ -3,0 +3,0 @@ Permission to use, copy, modify, and distribute this software for any |
| { | ||
| "name": "ldap-escape", | ||
| "version": "2.0.0", | ||
| "version": "2.0.1", | ||
| "description": "Escape functions for LDAP filters and distinguished names to prevent LDAP injection attacks.", | ||
@@ -8,3 +8,3 @@ "main": "index.js", | ||
| "pretest": "jshint index.js", | ||
| "test": "mocha -R spec" | ||
| "test": "jest" | ||
| }, | ||
@@ -31,5 +31,4 @@ "repository": { | ||
| "devDependencies": { | ||
| "expect.js": "^0.3.1", | ||
| "jshint": "^2.9.5", | ||
| "mocha": "^4.0.1" | ||
| "jest": "^24.1.0", | ||
| "jshint": "^2.10.1" | ||
| }, | ||
@@ -36,0 +35,0 @@ "jshintConfig": { |
| 'use strict'; | ||
| var ldapEscape = require('../index'); | ||
| var expect = require('expect.js'); | ||
@@ -10,11 +9,11 @@ describe('ldap-escape', function () { | ||
| const uid = 1337; | ||
| expect(ldapEscape.filter`(uid=${uid})`).to.be('(uid=1337)'); | ||
| expect(ldapEscape.filter`(uid=${uid})`).toBe('(uid=1337)'); | ||
| }); | ||
| it('should correctly escape the OWASP Christmas Tree Example', function () { | ||
| const test = 'Hi (This) = is * a \\ test # ç à ô'; | ||
| expect(ldapEscape.filter`(test=${test})`).to.be('(test=Hi \\28This\\29 = is \\2a a \\5c test # ç à ô)'); | ||
| expect(ldapEscape.filter`(test=${test})`).toBe('(test=Hi \\28This\\29 = is \\2a a \\5c test # ç à ô)'); | ||
| }); | ||
| it('should correctly escape the PHP test case', function () { | ||
| const test = 'foo=bar(baz)*'; | ||
| expect(ldapEscape.filter`${test}`).to.be('foo=bar\\28baz\\29\\2a'); | ||
| expect(ldapEscape.filter`${test}`).toBe('foo=bar\\28baz\\29\\2a'); | ||
| }); | ||
@@ -26,3 +25,3 @@ }); | ||
| const dc = 'com'; | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).to.be('cn=alice,dc=com'); | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).toBe('cn=alice,dc=com'); | ||
| }); | ||
@@ -32,3 +31,3 @@ it('should escape a leading space', function () { | ||
| const dc = 'com'; | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).to.be('cn=\\ alice,dc=com'); | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).toBe('cn=\\ alice,dc=com'); | ||
| }); | ||
@@ -38,3 +37,3 @@ it('should escape a leading hash', function () { | ||
| const dc = 'com'; | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).to.be('cn=\\#alice,dc=com'); | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).toBe('cn=\\#alice,dc=com'); | ||
| }); | ||
@@ -44,3 +43,3 @@ it('should escape a leading hash and trailing space', function () { | ||
| const dc = 'com'; | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).to.be('cn=\\#\\ ,dc=com'); | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).toBe('cn=\\#\\ ,dc=com'); | ||
| }); | ||
@@ -50,3 +49,3 @@ it('should escape a trailing space', function () { | ||
| const dc = 'com'; | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).to.be('cn=alice\\ ,dc=com'); | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).toBe('cn=alice\\ ,dc=com'); | ||
| }); | ||
@@ -56,7 +55,7 @@ it('should escape a dn of just 3 spaces', function () { | ||
| const dc = 'com'; | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).to.be('cn=\\ \\ ,dc=com'); | ||
| expect(ldapEscape.dn`cn=${cn},dc=${dc}`).toBe('cn=\\ \\ ,dc=com'); | ||
| }); | ||
| it('should correctly escape the OWASP Christmas Tree Example', function () { | ||
| const dn = ' Hello\\ + , "World" ; '; | ||
| expect(ldapEscape.dn`${dn}`).to.be('\\ Hello\\\\ \\+ \\, \\\"World\\\" \\;\\ '); | ||
| expect(ldapEscape.dn`${dn}`).toBe('\\ Hello\\\\ \\+ \\, \\\"World\\\" \\;\\ '); | ||
| }); | ||
@@ -67,14 +66,14 @@ it('should correctly escape the Active Directory Examples', function () { | ||
| cn = 'Smith, James K.'; | ||
| expect(ldapEscape.dn`cn=${cn},ou=West,dc=MyDomain,dc=com`).to.be('cn=Smith\\, James K.,ou=West,dc=MyDomain,dc=com'); | ||
| expect(ldapEscape.dn`cn=${cn},ou=West,dc=MyDomain,dc=com`).toBe('cn=Smith\\, James K.,ou=West,dc=MyDomain,dc=com'); | ||
| ou = 'Sales\\Engineering'; | ||
| expect(ldapEscape.dn`ou=${ou},dc=MyDomain,dc=com`).to.be('ou=Sales\\\\Engineering,dc=MyDomain,dc=com'); | ||
| expect(ldapEscape.dn`ou=${ou},dc=MyDomain,dc=com`).toBe('ou=Sales\\\\Engineering,dc=MyDomain,dc=com'); | ||
| cn = 'East#Test + Lab'; | ||
| expect(ldapEscape.dn`cn=${cn},ou=West,dc=MyDomain,dc=com`).to.be('cn=East\\#Test \\+ Lab,ou=West,dc=MyDomain,dc=com'); | ||
| expect(ldapEscape.dn`cn=${cn},ou=West,dc=MyDomain,dc=com`).toBe('cn=East\\#Test \\+ Lab,ou=West,dc=MyDomain,dc=com'); | ||
| cn = ' Jim Smith '; | ||
| expect(ldapEscape.dn`cn=${cn},ou=West,dc=MyDomain,dc=com`).to.be('cn=\\ Jim Smith\\ ,ou=West,dc=MyDomain,dc=com'); | ||
| expect(ldapEscape.dn`cn=${cn},ou=West,dc=MyDomain,dc=com`).toBe('cn=\\ Jim Smith\\ ,ou=West,dc=MyDomain,dc=com'); | ||
| }); | ||
| }); | ||
| }); |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Dev dependency count
- decreased by-33.33%
2
Worsened metrics
- Total package byte prevSize
- decreased by-0.78%
9134
- Lines of code
- decreased by-0.83%
119